12
Follow an example:
if(isset($_POST['nome']) && !empty($_POST['nome'])) {
session_start();
$_SESSION['nome'] = $_POST['nome'];
}
If I can’t use this, what would be recommended? I’m trying to adopt the best security issues for my site.
Interesting quote from a reference displayed in the @qmechanik response:
isset()
test whether the variable was "started(isset)" and if you’re not null.
empty()
can return "true" when the variable was "started(isset) by certain values.
Final logic: !empty
check if it is not vázio, so if it is not empty it has been started, so !empty
is enough and does not depend on isset
, unlike the isset
that depends on the !empty
(This does not remove the fact that you can put isset
and empty
in such a situation) in some situations, finally any thought or quote that contradicts this, please reply if possible, thank you.
What is the intention, in terms of security?
– bfavaretto
Any care is little, I want to be safe in anything because my web will mess with some personal data and I do not want it to leak to any other hacker who has nothing to do..
– Kevin mtk